This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft File: aBFGMD9XUewN_C71R6qyR69OaB8.mft (raw, json) Hash identifier: W9KuwD8kZ2RYaABKGe4gIQA9ojNPsXMPQ2c0BsigxcQ= Subject key identifier: BB:42:47:A8:43:68:1D:E0:5C:C2:11:F4:52:F3:65:1D:99:F7:E6:6C Authority key identifier: 68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F Certificate issuer: /CN=681146303f5751ec0dfc2ef547aab247af4e681f Certificate serial: 019AF12DD7FE29E02B89468CF21A3E55BE0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft Manifest number: 0E41 Signing time: Sat 06 Dec 2025 01:01:44 +0000 Manifest this update: Sat 06 Dec 2025 01:01:44 +0000 Manifest next update: Sun 07 Dec 2025 01:01:44 +0000 Files and hashes: 1: aBFGMD9XUewN_C71R6qyR69OaB8.crl (hash: 4zfGlifBH1AsSlKdtcCaF5eROynR/9qPbuUnH4czXFc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:d7:fe:29:e0:2b:89:46:8c:f2:1a:3e:55:be:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=681146303f5751ec0dfc2ef547aab247af4e681f Validity Not Before: Dec 6 01:01:44 2025 GMT Not After : Dec 7 01:01:44 2025 GMT Subject: CN=bb4247a843681de05cc211f452f3651d99f7e66c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:5d:ff:7d:b8:24:87:ce:5d:fe:ec:7a:6e:cb: 8e:b4:08:ca:8c:0e:88:18:2f:dc:36:73:fc:a5:ea: 47:50:6f:c7:ff:3e:7c:a1:8d:51:d1:8a:0c:da:3b: 0e:fc:ff:42:ea:b2:6e:d1:09:3a:6e:53:2e:46:9d: 93:f3:56:c8:55:3c:3f:03:6a:db:49:73:ed:2a:1b: 10:af:db:73:ad:cc:64:7b:2d:54:29:e8:0d:75:84: a3:73:3b:1e:71:dc:80:42:d4:68:bd:a7:59:2f:c8: 34:d7:3e:23:2d:5b:08:5c:d7:fc:46:65:d4:40:3b: 99:e1:23:04:9c:35:ce:76:da:e0:5a:7e:a0:4c:d0: f2:5a:95:65:2f:93:0e:c9:38:b8:cd:65:ef:5e:ca: a4:75:5d:05:33:11:90:a0:95:8e:cd:65:d5:1a:60: e5:ad:2a:8c:f6:9c:d6:72:c7:e5:06:7a:c8:3e:29: 02:77:d3:94:8d:34:28:ca:6c:21:1a:a7:c2:f4:cc: 48:4b:00:28:f6:6e:63:0c:a7:e5:46:29:02:42:bb: 2d:ce:db:fa:91:2a:a8:52:44:77:43:eb:fa:16:61: 45:ae:bc:1a:47:ac:2d:4a:09:f4:94:4c:1b:70:66: 99:ad:83:0e:69:1a:91:cc:f2:8b:6a:d8:c2:54:e2: f1:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:42:47:A8:43:68:1D:E0:5C:C2:11:F4:52:F3:65:1D:99:F7:E6:6C X509v3 Authority Key Identifier: keyid:68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:f0:4e:dd:bd:19:fa:5e:e0:82:79:01:04:01:88:11:f4:8e: 44:b2:ef:08:38:88:6d:95:c4:29:9f:1c:16:8d:80:c1:13:3d: 86:29:5d:46:ef:72:7c:5b:ae:e8:c8:d3:f0:a9:46:eb:68:fb: 61:40:f7:41:8d:5f:b7:a2:68:a2:0e:07:cf:ee:38:18:38:58: fe:63:c7:1f:e6:11:29:81:be:1f:3a:17:df:87:fa:c5:ef:f1: 1d:0d:1f:db:f7:ef:12:48:80:ba:7d:26:2b:e6:25:6c:09:23: 5e:37:fe:fe:c3:46:99:da:ba:73:ed:00:f2:ac:b4:72:18:fd: f3:96:83:c0:06:a4:1c:35:a0:da:c4:ca:a9:c4:02:6e:36:18: 3d:68:5c:0f:70:e9:b9:8b:b1:30:b0:6f:fb:70:85:77:c5:7a: 30:f7:45:7e:aa:cf:04:ee:96:c5:45:90:00:27:d8:0f:af:ba: 53:58:e7:a7:ab:05:fe:b2:87:34:b5:c0:9a:f8:ab:cf:86:8f: 57:1a:3a:81:c4:c9:8e:19:4a:19:08:36:1d:2f:01:13:4e:33: 36:da:73:bd:ff:58:3e:b4:03:88:9b:9d:c6:50:0b:00:46:5c: f1:a2:14:ca:8a:b6:f8:b6:5c:20:ce:a5:72:ee:48:9a:8f:da: d5:89:6a:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLdf+KeAriUaM8ho+Vb4LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MTE0NjMwM2Y1NzUxZWMwZGZjMmVmNTQ3YWFiMjQ3YWY0 ZTY4MWYwHhcNMjUxMjA2MDEwMTQ0WhcNMjUxMjA3MDEwMTQ0WjAzMTEwLwYDVQQD EyhiYjQyNDdhODQzNjgxZGUwNWNjMjExZjQ1MmYzNjUxZDk5ZjdlNjZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl3/fbgkh85d/ux6bsuOtAjKjA6I GC/cNnP8pepHUG/H/z58oY1R0YoM2jsO/P9C6rJu0Qk6blMuRp2T81bIVTw/A2rb SXPtKhsQr9tzrcxkey1UKegNdYSjczsecdyAQtRovadZL8g01z4jLVsIXNf8RmXU QDuZ4SMEnDXOdtrgWn6gTNDyWpVlL5MOyTi4zWXvXsqkdV0FMxGQoJWOzWXVGmDl rSqM9pzWcsflBnrIPikCd9OUjTQoymwhGqfC9MxISwAo9m5jDKflRikCQrstztv6 kSqoUkR3Q+v6FmFFrrwaR6wtSgn0lEwbcGaZrYMOaRqRzPKLatjCVOLxyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLtCR6hDaB3gXMIR9FLzZR2Z9+ZsMB8GA1UdIwQY MBaAFGgRRjA/V1HsDfwu9UeqskevTmgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQt NGEzNzMzZjQ3MjJiLzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQtNGEzNzMzZjQ3MjJi LzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIPBO3b0Z +l7ggnkBBAGIEfSORLLvCDiIbZXEKZ8cFo2AwRM9hildRu9yfFuu6MjT8KlG62j7 YUD3QY1ft6Joog4Hz+44GDhY/mPHH+YRKYG+HzoX34f6xe/xHQ0f2/fvEkiAun0m K+YlbAkjXjf+/sNGmdq6c+0A8qy0chj985aDwAakHDWg2sTKqcQCbjYYPWhcD3Dp uYuxMLBv+3CFd8V6MPdFfqrPBO6WxUWQACfYD6+6U1jnp6sF/rKHNLXAmvirz4aP Vxo6gcTJjhlKGQg2HS8BE04zNtpzvf9YPrQDiJudxlALAEZc8aIUyoq2+LZcIM6l cu5Imo/a1Ylq8w== -----END CERTIFICATE-----Generated at Sat Dec 6 11:13:41 2025 by rpki-client